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1 )^ Responsive to communication(s) filed on 03 December 2008 . 
2a )^ This action is FINAL. 2b)n This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Clalm(s) 1-12. 14-18.20-43 and 51-65 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) |EI Claim(s) 1-12.14-18.20-43 and 51-65 is/are rejected. 
/)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 
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DETAILED ACTION 

This responds to Applicant's Arguments/Remarl<s filed 12/03/2008. Claims 1,4, 
10, 14, 24, 27, and 29 have been amended. Claim 19 is cancelled and Claims 13 and 
44-50 stand cancelled. Claims 1-12, 14-18, 20-43, and 51-65 are now pending in this 
application. 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
12/3/2008 has been entered. 

Information Disclosure Statement 

2. This acknowledges present Examiner has considered PCT Application WO- 

04004855A1 as Applicant points out and present Examiner has verified, was not 
initialed by prior Examiner on the IDS received by Applicant (See list of references cited 
by applicant and considered by examiner 1449 mailed 5/17/2007). 



Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
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obviousness rejections set fortli in tliis Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. The factual inquiries set fortli in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), tliat are applied for establishing a background for determining 

obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

5. This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

6. Claims 1-12, 14-17, and 20-50 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over U.S. Patent Pub. No. 2001/0044339 to Cordero et al. (Cordero) in 
view of U.S. Patent Pub. No. 2006/0059253 to Goodman et al. (Goodman). 
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In Reference to Claims 1. 4, 10, 12. 14. 17, 23-24, 27, and 29 
Cordero discloses a gaming apparatus operatively connectable through a 
communication network to a gaming system server including at least one gaming 
terminal, operable to execute game software (para. 0007; where multiplayer game play 
is provided over a network), a secure communication apparatus, communicatively 
coupled to the gaming terminal and server, and operable to provide network access 
control for gaming information exchanged between the gaming terminal and server, and 
a communication network (para. 0012), an access control apparatus, communicatively 
coupled to the gaming terminal and server, and operable to prevent unauthorized 
access or malicious code access to gaming information within the gaming terminal or 
server (para. 0055; where players are granted or denied access based on player 
identification), and at least one integrity apparatus, communicatively coupled to the 
gaming terminal, and operable to ensure integrity of the gaming information within the 
gaming terminal and server (para. 0037; where a backup server is available to ensure 
the integrity of game system data). 

However, Cordero is silent on a system whereby the integrity apparatus 
operable to at least detect deviations, outside of a pre-selected boundary, in an existing 
state of the gaming information from a baseline state of the gaming information within 
the gaming terminal, and to report the detected deviations for acceptance and 
associated update of the baseline state or for remedial action to return the gaming 
information to the baseline state. 
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Goodman teaches of netcentric computing systems (Title) wliereby data is 
measured against a baseline for unauthorized changes and to query and report on 
network changes ("Data gathered by the network/systems management tools 804 can 
provide a baseline to measure against unauthorized changes. In this case, the query 
design of the change control components 914 should include the ability to perform ad- 
hoc or pre-determined queries, which can report on specific network management 
changes. Data gathered by network/systems management tools 804 (UNIX, VMS, 
MVS, etc.) can be utilized to monitor systems once a change has taken place. In this 
case, errors or system degradation in a change can be detected. A design 
consideration for the change control components 914 in this area would be to develop 
an interface with the systems management tools in which system performance 
degradation can be tracked and reported." para. 804; for gaming information based on a 
regulatory jurisdiction for the gaming apparatus para 0643 (look up codes for state tax 
on winnings); for acceptance and for remedial action are statements of intended use 
which the system of Goodman is capable of performing) in order to "provide a 
combination of tools, support services, procedures and controls that are required to 
keep a production system up and running well." (para. 708). 

In Reference to Claims 2. 5. 1 1 . 15. 25. 28 

Cordero discloses a gaming apparatus wherein the secure communication 
apparatus is operable to exchange gaming information and prevent unauthorized 
access to game information that is selected from a group of information types, using an 
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integrity apparatus, tliat includes the game software, game configuration data, game 
play data, game performance data, server- determined game outcomes, gaming device 
operations software, maintenance information, security data, player data, marketing 
data, operations data, accounting data, electronic fund transfer data, and wagering 
account transfer data (para. 0055; where players are granted or denied access to game 
software services based on player identification). 

In Reference to Claims 3 and 26 

Cordero discloses a gaming apparatus including at least one user interface 
selected from a group of user interfaces that includes a control panel, buttons, a coin 
acceptor, a note acceptor, one or more electro-mechanical reels, a keypad, one or more 
speakers, a card reader, a card reader display, a video display, a keyboard, a graphical 
interface unit display, a monitor, a printer, a modem, a tape drive, a digital Video disk 
drive, and a compact disk drive, (para. 0009; where multiple types of client systems, 
such as personal computers, games console systems, or personal digital assistants, 
each incorporating one or more of the above features may be used). 

In Reference to Claims 6-7 and 30-33 

Cordero discloses a gaming apparatus wherein the secure communication 
apparatus is further operable to execute virtual private network application software and 
implement a virtual private network tunneling protocol (para. 0037) and includes a public 
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network (para. 0010; where a virtual private network may be used over a public 
network, such as the Internet). 

In Reference to Claims 8-9 and 16 

Cordero discloses a gaming apparatus wherein the secure communication 
apparatus includes one or more firewalls and execute a cryptographic method to ensure 
integrity of the gaming information and implement an authentication protocol to prevent 
unauthorized access to an encryption key (para: 0035; where protected systems use 
firewalls and security encryption algorithms to restrict access and defeat unauthorized 
access). 

In Reference to Claims 20-22 

Cordero discloses a gaming apparatus wherein the first integrity apparatus is 
further operable monitor gaming information for deviations from one or more expected 
baselines, detect vulnerabilities in the gaming terminal, alter operations of the gaming 
terminal in response to detection of corrupt data or failure of the gaming terminal (para. 
0073; where a number of system failures and breakdowns are accommodated by a 
system). 

In Reference to Claims 34 and 41 

Cordero discloses a gaming system wherein the cryptographic protocol is 
selected from a group that includes a message authentication code protocol, a one-way 
hash protocol, a public-key cryptography protocol, a digital signature protocol, a 
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symmetric encryption protocol, and a random number generator protocol (para. 0052; 
where message identification is used to verify identity). 
In Reference to Claims 35-36 

Cordero discloses a gaming system wherein the firewall includes a 
programmable network processor and an adaptive computing C integrated circuit (para. 
0035; where a firewall work s with a protected computer, which may be a highly 
developed adaptive computing integrated circuit system). 

In Reference to Claims 37-38 

Cordero discloses a gaming system wherein each of the first access control 
apparatus and the second access control apparatus include at least one access control 
element, wherein the at least one access control element is selected from a group that 
includes a person authentication protocol, a software authentication protocol, a person 
authorization protocol, and an administration method (para. 0055; where a person 
identified and authenticated). 

In Reference to Claims 39-40 

Cordero discloses a gaming system wherein the person authentication protocol is 
selected from a group that includes a username authentication protocol, a password 
authentication protocol, a biometric authentication protocol, and an access token 
authentication protocol (para. 0055; where a person identified and authenticated via an 
ID access token). 
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In Reference to Claims 42-43 

Cordero discloses a gaming system wherein each of the first integrity apparatus 
and the second integrity apparatus include at least one integrity element, wherein the at 
least one integrity element is selected from a group that includes an antivirus software, 
an antivirus scanner, an intrusion detection system, a data integrity system, an incident 
response protocol, a security management protocol, a vulnerability assessment 
protocol, and an authentication protocol (para. 0035; where each server is protected by 
an integrity apparatus including a security management firewall). 

7. Claims 18 and 51-65 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Pub. No. 2001/0044339 to Cordero et al. (Cordero) and U.S. Patent 
Pub. No. 2006/0059253 to Goodman et al. (Goodman) further in view of U.S. Patent No. 
6,468,1 55 of Zucker et al. (Zucker). 

Cordero as modified by Goodman discloses a system substantially equivalent to 
Applicant's claimed invention wherein a gaming apparatus with a first integrity apparatus 
(para. 0037; where a backup server is available to ensure the integrity of game system 
data). However, Cordero as modified by Goodman fails to disclose wherein the integrity 
apparatus is further operable to determine whether the detected deviations are valid, 
wherein if the integrity apparatus determines that the detected deviations are valid, the 
integrity apparatus is operable to report the detected deviations for acceptance and 
associated update of the baseline state, and wherein if the integrity apparatus 
determines that the detected deviations are not valid, the integrity apparatus is operable 
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to report the detected deviations for remedial action to return the gaming information to 
the baseline state; wherein the integrity apparatus includes one or more vulnerability 
assessment scanners operable to check settings of the gaming terminal and to 
determine whether the settings are consistent with a pre-selected gaming security 
policy; and wherein the Integrity apparatus includes one or more vulnerability 
assessment scanners operable to simulate behavior of an attacker to Identify 
vulnerabilities in the gaming terminal. 

Zucker teaches a security system which is further operable to detect intrusive 
network packets received by the gaming terminal (col. 7 llns. 4-9 "The game controller 
1 1 00 may Incorporate various elements to make sure that the game system 1 02 Is safe 
and secure for both the game provider and players. For example, network and systems 
security may be provided via: a dual fire-wall to create layered security; intrusion 
detection software; and strict access control on all servers."); wherein a determination of 
whether detected variations are valid or invalid and wherein the integrity apparatus 
includes one or more vulnerability assessment scanners operable to check settings of 
the gaming terminal and to determine whether the settings are consistent with a pre- 
selected gaming security policy; and wherein the Integrity apparatus Includes one or 
more vulnerability assessment scanners operable to simulate behavior of an attacker to 
Identify vulnerabilities in the gaming terminal (col. 9 lins 30-36 "The game design Is then 
evaluated at 620. And game design may be evaluated, for example, by a number of 
expert game designers who estimate a level of skill required to play the game. The 
game design may also be evaluated to determine a susceptibility of the game to the use 
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of automated game playing devices 260"; also, "The release of the game may also be 
evaluated, for example, with respect to risk management. That is, the game provider 
may carefully monitor players' prize awards and the winning frequency to identify 
suspicious player performance or an overly generous prize payout. Automatic triggers 
(a.k.a. vulnerability assessment scanners) may notify the game provider of risky results, 
and may even temporarily lock out a player or shut down a game until the game 
provider can investigate. By way of example only, players may be prevented from 
winning a top prize (e.g. one million dollars) more than once" and Game design and 
modification methods cols. 13-15) in order to provide notifications of unauthorized 
access and increase security of a gaming system. 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to employ the secure electronic gaming system as taught by 
Zucker into the teachings of Cordero as modified by Goodman in order to provide 
notifications of unauthorized access and increase security of a gaming system. 

Response to Arguments 
8. Applicant argues (see Applicant's Arguments/Remarks pagel 5-1 7) that the art of 
record fails to disclose forensic data (audit logs, system snapshots) in response to 
detecting deviations. Examiner respectfully disagrees. Goodman teaches of error 
handling and logging wherein "The error handling/logging services 274 are applications 
that support the handling of fatal and nonfatal hardware and software errors for 
applications. The error/handling logging services 274 take care of presenting the user 
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with an understandable explanation of what has happened and coordinating with other 
services to ensure that transactions and data are restored to a consistent state. In 
addition, the error handling/logging services 274 support the logging of informational, 
error and warning messages. The error handling/logging services 274 preferentially 
record application and user activities in enough detail to satisfy any audit trail 
requirements or to assist the systems support team in recreating the sequence of 
events that led to an error" [0640]; see also [0032, 04370, 0638]. Additionally, Applicant 
argues with respect to Claim 4 that gaming information is selected based on a 
regulatory jurisdiction for the gaming apparatus. Examiner respectfully disagrees. 
Goodman discloses a code look up table and function to apply the appropriate tax rate 
to gaming activity [0643]. Further, the system of Goodman is capable of accessing any 
code or look up data for the purposes of regulation or jurisdictional compliance. Thus, 
the rejection of the claims is maintained. 

9. Applicant argues (see Applicant's Arguments/Remarks pages 1 8-1 9) that Zucker 
fails to teach returning the gaming information to a baseline state if a deviation is invalid 
and that Zucker does not teach modifying the gaming information is a deviation is 
accepted. Examiner respectfully disagrees. The cited passage Col. 9 Lines 30-36 
teaches of a lock-out condition wherein play is suspended due to a deviation and the 
baseline remains unchanged. Further, Zucker (Col. 10 Lines 40-53) teaches of 
monitoring released games and modifying the baseline where "the game refiner may 
again refine the game design at 610 (e.g., by modifying a rule, a goal, or a prize 
structure associated with the game)". Additionally, Applicant argues Zucker fails to 
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teach checking setting of the gaming terminal and to determine whether the settings are 
consistent with a pre-selected gaming security policy. Examiner respectfully disagrees. 
Zucker teaches of risk management and of a risk management engine 1 108 wherein 
"The risk management engine 1 108 may, for example, use consumer demographic data 
to prevent children from accessing the site. A series of commerce and game risk 
management analytics and processes may also be used to reduce the game provider's 
exposure to monetary and game-play fraud. Leveraging risk management principles 
from the financial services industry, such preventive measures can also significantly 
reduce opportunities for credit card fraud. Additionally, operations research and 
statistical techniques may be deployed to on a near "real-time" basis identify and 
prevent game hacking (e.g., the use of automated game playing devices 260)" Col. 7 
Lines 63-67 and Col. 8 Lines 1-8. Thus, the rejection of the claims is maintained. 



Conclusion 

10. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure is provided in the Notice of References Cited. 

1 1 . Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

12. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 



Application/Control Number: 10/824,780 Page 14 

Art Unit: 3714 

TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

1 3. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paul A. D'Agostino whose telephone number is 

(571 )270-1992. The examiner can normally be reached on Monday - Friday, 7:30 a.m. - 
5:00 p.m. 

14. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Dmitry Suhol can be reached on (571 ) 272-4430. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

1 5. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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/John M Hotaling 11/ /Paul A. D'Agostino/ 

Supervisory Patent Examiner, Art Unit 3714 Examiner, Art Unit 3714 



